tonycoco / heroku-buildpack-ember-cli

A Heroku Buildpack for Ember CLI Applications
MIT License

Build failing when using git+ssh - passphrase required #129

Closed HerveSeger closed 7 years ago

HerveSeger commented 8 years ago

Hi.

I have a private repo in GitHub that is referenced in my package.json file like this: "ember-mx": "git+ssh://git@github.com:medavie/ember-mx.git#master"

I have created a key with an empty passphrase using ssh-keygen (no passphrase?).

I can run npm install on Windows without any problem but on Heroku it fails.

The problem is that the passphrase is expected when the script runs:

λ git push heroku master
Total 0 (delta 0), reused 0 (delta 0)
remote: Compressing source files... done.
remote: Building source:
remote:
remote: -----> Fetching set buildpack https://github.com/tonycoco/heroku-buildpack-ember-cli.git... done
remote: -----> Ember CLI app detected
remote: -----> Exporting config vars to environment
remote: -----> Building environment: production
remote: -----> Requested node range:  4.4.0
remote: -----> Resolved node version: 4.4.0
remote: -----> Downloading and installing node
remote: -----> Using default npm version: 2.14.20
remote: -----> Downloading and installing nginx
remote: -----> Adding boot script
remote: -----> Copying configs
remote: -----> Forcing rebuild of all node_modules. Pruning all node_modules.
remote: -----> Creating node_modules cache directory
remote: -----> Creating bower_components cache directory
remote: -----> Detected SSH key for git.  launching ssh-agent and loading key
remote: Agent pid 255
remote: Enter passphrase for id_rsa:
remote:  !     Push rejected, failed to compile Ember CLI app
remote:
remote: Verifying deploy...
remote:
remote: !       Push rejected to mss-ui.
remote:
To https://git.heroku.com/mss-ui.git
 ! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'https://git.heroku.com/mss-ui.git'

I know that in the build script there is a mention about passphrases not supported yet:

if [ "$GIT_SSH_KEY" != "" ]; then
  status "Detected SSH key for git.  launching ssh-agent and loading key"
  echo $GIT_SSH_KEY | base64 --decode > id_rsa
  # launch ssh-agent, we'll use it to serve our ssh key
  # and kill it towards the end of the buildpack's run
  eval `ssh-agent -s`
  # ssh-add doesn't like the default 644
  chmod 600 id_rsa
  # We're not supporting passphrases at this time.  We could pull that in
  # from config as well, but then we'd have to setup expect or some other
  # terminal automation tool to feed it into ssh-add.
  ssh-add id_rsa
  rm id_rsa
  # Add github to the list of known hosts - ignore the warning or else set -e will abort the deployment
  ssh -oStrictHostKeyChecking=no -T git@github.com || true
fi

About expect, in this thread it shows how to use it to enter an empty passphrase.

Is it planned to support passphrases (even empty passphrases) at some point?

Thanks for this very nice buildpack.

tonycoco commented 8 years ago

I haven't ever used this feature myself. Someone else implemented it. Maybe they could chime in? /cc @jzempel

felixbuenemann commented 8 years ago

@HerveSeger You could use ssh-keygen -p -f your-private-key to remove the password, just press enter when asked for the new password to remove it.

vladucu commented 8 years ago

@HerveSeger Did you ever get this working? Running into the same thing, though there's no passphrase set.

HerveSeger commented 8 years ago

@felixbuenemann Sorry for my late answer.

If I remember correctly I never set up a password (similar to what @vladucu did) but the passphrase was still required when building. So I was stuck.

Anyway I think that building locally and deploying the /dist folder as a static website is the best solution. I have had the chance to test this solution on a private cloud and it is simpler.

felixbuenemann commented 8 years ago

The following should work to add the ssh key when it always asks for a passphrase:

echo $GIT_SSH_KEY | base64 --decode | DISPLAY= ssh-add - &>/dev/null

This also never writes the key out to a file, which is better for security.
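
Added example, not part of the thread and not the buildpack's own code: a preflight check that inspects the decoded GIT_SSH_KEY before it reaches ssh-add, so the build fails with a named reason instead of a passphrase prompt. The function names and the choice to reject CRLF line endings are assumptions of this sketch; it assumes the variable holds a base64-encoded private key file, as in the build script quoted above.

```shell
# Added example, not buildpack code. Prints: ok | encrypted | crlf | malformed
classify_git_ssh_key() {
  cr=$(printf '\r')
  # Quote the value: unquoted, the shell word-splits line-wrapped base64.
  pem=$(printf '%s' "$1" | base64 --decode 2>/dev/null) || { echo malformed; return 0; }
  first=$(printf '%s\n' "$pem" | head -n 1)
  case "$first" in
    "-----BEGIN "*"PRIVATE KEY-----"*) ;;
    *) echo malformed; return 0 ;;
  esac
  # Carriage returns mean the key was saved or copied with CRLF line endings.
  case "$pem" in *"$cr"*) echo crlf; return 0 ;; esac
  case "$first" in
    *"BEGIN ENCRYPTED PRIVATE KEY"*)   # PKCS#8 encrypted container
      echo encrypted; return 0 ;;
    *"BEGIN OPENSSH PRIVATE KEY"*)
      # openssh-key-v1 layout: 15-byte magic, 4-byte length, cipher name.
      cipher=$(printf '%s\n' "$pem" | grep -v '^-----' |
        base64 --decode 2>/dev/null | tail -c +20 | head -c 4)
      [ "$cipher" = "none" ] || { echo encrypted; return 0; } ;;
    *)
      # Legacy PEM flags encryption in a Proc-Type header.
      if printf '%s\n' "$pem" | grep -q '^Proc-Type: 4,ENCRYPTED'; then
        echo encrypted; return 0
      fi ;;
  esac
  echo ok
}

# Hypothetical wrapper: load the key only when it classifies as ok.
load_git_ssh_key() {
  state=$(classify_git_ssh_key "$GIT_SSH_KEY")
  if [ "$state" != "ok" ]; then
    echo "GIT_SSH_KEY rejected: $state" >&2
    return 1
  fi
  # Same stdin pipeline as the comment above; the key never touches disk.
  printf '%s' "$GIT_SSH_KEY" | base64 --decode | DISPLAY= ssh-add -
}
```

Call `load_git_ssh_key` after `ssh-agent` has been started; a non-zero return means the config var should be regenerated rather than retried.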